Mxyj Heartplus Ecg
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill’s ECG-report purpose is coherent, but it downloads and runs an opaque local security binary while handling phone and health-report authorization data.
Only install this if you trust the publisher and are comfortable with a downloaded local gateway program running on your device. Expect to provide a China mainland phone number, authorize the Heartplus app, and have phone/session state stored locally. Consider sandboxing the skill or removing its local config when you stop using it.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may require trusting an opaque downloaded executable that can run locally while the skill handles health-app authorization.
The skill depends on downloading platform-specific native healthgateway binaries from a remote OSS location. Hash pinning helps integrity, but the binary itself is not included in the reviewed source and must be trusted separately.
"url": "https://aigc-online.oss-cn-hangzhou.aliyuncs.com/mxyj-skills/heartplus/binary-tool/release/v0.0.2/healthgateway-linux-amd64", "sha256": "0f33ea42cdc98cc419d3b8989712118ed4a203162e2cf5fd2012ae9cdd04ae25"
Install only if you trust the publisher and the binary source. The publisher should provide signed binaries, public provenance, and preferably source or an auditable build process.
If the downloaded gateway binary is compromised or not what the user expects, it could run with the user’s local privileges.
The gateway manager automatically ensures the binary is present, downloads it if needed, then executes it as a subprocess.
bin_path = self.ensure_binary(auto_download=True)
cmd = [str(bin_path), subcommand, *args]
...
result = subprocess.run(
Require explicit user approval before the first download and execution, show the exact binary source, and run it with the least privileges possible.
The skill can interact with the Heartplus account flow and retrieve authorized ECG report data.
The skill requires phone binding and app authorization to send notifications and retrieve ECG reports. This is central to the stated purpose and is disclosed, but it is sensitive delegated account access.
- Phone number configuration and reuse
- App authorization notification and authorization status query
- Security verification status check
- ECG test notification
- Report list and detail query
Use only with your own Heartplus account and phone number, and review how to revoke or expire authorization if you stop using the skill.
Your phone number and session authorization state may remain on disk after the immediate task is complete.
Phone numbers and per-session authorization state are persisted in the skill configuration file for reuse across sessions.
phones_by_session_key[resolved_session_key] = normalized_phone
config["phones_by_session_key"] = phones_by_session_key
...
config["session_auth_by_session_key"] = session_auth_by_session_key
return self.save_json(config)
The skill should document retention and cleanup. Users should remove the stored configuration if they no longer want the skill to remember their phone/session state.
